When a user enjoys a certain service, identification (authentication) is performed to identify whether the user is a valid user qualified to enjoy the service. In such case, the user cannot enjoy the service if the user fails in the authentication for such a reason as lack of a key or expiration of a key.
There has been a problem in that even a valid user (even when the user has no intention to commit a fraud) becomes unable to receive the service, if the user neglects procedures to validate the user, such as to update a key.
Further, there has been another problem in the art described in JP2003-196240 that an authentication is temporarily permitted, therefore, if a user has succeeded in an authentication in the past, the user can be repeatedly authenticated thereafter, and may be able to access the authenticating device, which could result in a security hole.
Further, there has been another problem in the arts described in JP11-274999, JP2000-138674, and JP2000-196588 that a used key is determined only among the keys held by the both parties, and execution of a key update is impossible.
It is an object of the present invention to provide a service to an authorized user and to enhance service availability and convenience for a user by means of a key updated by executing a key update.